Netscape.Navigator.URI.Handlers.Code.Execution
Description
A vulnerability has been identified in Netscape Navigator, which could be exploited by attackers to take complete control of an affected system with MS Internet Explorer 7 installed. This issue is caused by an input validation error when processing specially crafted arguments passed to certain registered URI handlers (e.g. "mailto:"). It could be exploited by remote attackers to inject and execute arbitrary commands, by tricking a user into visiting a specially crafted web page using a vulnerable browser.
Affected Products
Netscape version 9.0 and prior.
Impact
System compromise.
Recommended Actions
We are not aware of any officially releaseed patch or update.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-12-02 | 16.972 |